$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS24203.roa File: AS24203.roa (raw, json) Hash identifier: mOUgWnLrRM4UCU58vNYA+SNpfq10nVoFdu6CjJpGndo= Subject key identifier: 4A:61:46:3F:84:72:8E:F4:DA:13:10:01:8E:C6:55:C9:E1:2C:8D:26 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 76E7B905073D7FDEA1C5FE33227D04D59A4E93BF Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS24203.roa Signing time: Sat 02 May 2026 08:35:42 +0000 ROA not before: Sat 02 May 2026 08:30:42 +0000 ROA not after: Sat 01 May 2027 08:35:42 +0000 asID: 24203 IP address blocks: 203.33.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:e7:b9:05:07:3d:7f:de:a1:c5:fe:33:22:7d:04:d5:9a:4e:93:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:30:42 2026 GMT Not After : May 1 08:35:42 2027 GMT Subject: CN=4A61463F84728EF4DA1310018EC655C9E12C8D26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c1:78:e1:22:25:51:a8:2e:dd:a0:e1:1e:71: 63:7e:75:53:af:92:b2:5e:11:56:2e:25:a7:6c:83: 56:83:1b:ca:08:ae:f9:d0:9b:63:c3:c1:3f:fc:c8: 7a:e3:2a:1e:17:00:34:ce:13:1b:f4:4c:7b:20:69: 59:95:66:51:fd:6e:75:c7:5c:e7:d8:fa:34:ac:3b: 81:33:a8:fa:cc:18:64:ac:9c:04:c2:bc:93:6e:2d: 32:38:80:57:6c:79:88:6e:f8:ed:1c:d5:bf:25:e1: 23:2c:c4:b9:6b:e7:db:ed:d6:bc:c0:96:42:7e:c4: db:c4:05:5c:47:1e:94:03:ea:d8:25:8f:de:16:66: ae:88:c5:52:1f:4b:62:0e:24:b8:c6:73:d3:ca:8e: 88:1a:c9:1f:73:3e:fc:e2:ea:ac:19:f0:de:36:72: 30:98:1a:d5:9f:54:b9:4e:e7:9f:24:d5:ae:2c:bb: 9e:73:1a:63:a3:8b:a7:78:e7:17:ce:a2:42:37:52: f6:87:c4:28:90:5a:fe:e3:0b:ac:67:10:7f:cb:45: c7:8f:4f:68:34:35:56:e6:75:f7:c5:35:52:06:7a: 27:10:0a:20:40:a8:0d:49:ae:aa:5d:b9:8d:e6:35: a1:51:70:32:64:18:90:a8:b3:4b:fa:37:d4:00:61: ca:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:61:46:3F:84:72:8E:F4:DA:13:10:01:8E:C6:55:C9:E1:2C:8D:26 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS24203.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.33.35.0/24 Signature Algorithm: sha256WithRSAEncryption 60:f6:51:d0:d0:32:ef:33:6b:0a:f0:93:61:dc:78:2c:13:a3: 42:c5:79:9c:b1:aa:70:ed:3f:9a:cf:83:ff:b8:b5:b0:9f:37: 24:89:8c:9a:dd:01:92:85:00:93:0f:08:3c:15:bb:e2:4f:b8: 4d:94:e3:18:73:e8:f4:d8:e7:2a:01:30:52:34:bd:54:31:ec: e5:ce:90:2b:b7:dc:0d:c1:a7:54:2d:e6:e1:97:84:c4:12:ef: 87:1a:9f:44:4f:73:2e:a9:25:64:ff:90:56:f9:17:de:54:95: 56:28:80:29:d4:08:29:af:3c:8f:9f:5e:ce:1b:fd:fe:62:85: 2d:9f:3e:0c:0d:71:8b:f8:05:7b:67:07:67:92:ec:0c:5d:ca: 83:c8:7e:0e:b8:b7:d4:29:d0:ec:02:9d:61:e0:fd:2b:03:21: 8d:cc:0a:b4:fe:a6:91:16:20:6b:42:ee:6f:a2:94:48:76:cb: 28:89:67:c6:28:58:53:83:d0:02:b3:80:39:48:39:6d:ac:3e: 9d:1d:14:f1:79:83:ba:57:74:70:15:00:36:f7:28:4d:70:cc: 8b:43:0e:11:64:79:06:f0:14:6d:06:a6:4b:54:5d:9d:d8:3a: 7a:c9:a8:3a:d0:21:2b:61:cb:48:2d:e7:bd:51:88:14:26:5d: 5e:ea:2a:6a -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIUdue5BQc9f96hxf4zIn0E1ZpOk78wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzA0MloX DTI3MDUwMTA4MzU0MlowMzExMC8GA1UEAxMoNEE2MTQ2M0Y4NDcyOEVGNERBMTMx MDAxOEVDNjU1QzlFMTJDOEQyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzBeOEiJVGoLt2g4R5xY351U6+Ssl4RVi4lp2yDVoMbygiu+dCbY8PBP/zI euMqHhcANM4TG/RMeyBpWZVmUf1udcdc59j6NKw7gTOo+swYZKycBMK8k24tMjiA V2x5iG747RzVvyXhIyzEuWvn2+3WvMCWQn7E28QFXEcelAPq2CWP3hZmrojFUh9L Yg4kuMZz08qOiBrJH3M+/OLqrBnw3jZyMJga1Z9UuU7nnyTVriy7nnMaY6OLp3jn F86iQjdS9ofEKJBa/uMLrGcQf8tFx49PaDQ1VuZ198U1UgZ6JxAKIECoDUmuql25 jeY1oVFwMmQYkKizS/o31ABhygsCAwEAAaOCAcswggHHMB0GA1UdDgQWBBRKYUY/ hHKO9NoTEAGOxlXJ4SyNJjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMjQyMDMucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBADLISMwDQYJKoZIhvcNAQELBQADggEBAGD2UdDQMu8zawrwk2HceCwTo0LF eZyxqnDtP5rPg/+4tbCfNySJjJrdAZKFAJMPCDwVu+JPuE2U4xhz6PTY5yoBMFI0 vVQx7OXOkCu33A3Bp1Qt5uGXhMQS74can0RPcy6pJWT/kFb5F95UlVYogCnUCCmv PI+fXs4b/f5ihS2fPgwNcYv4BXtnB2eS7AxdyoPIfg64t9Qp0OwCnWHg/SsDIY3M CrT+ppEWIGtC7m+ilEh2yyiJZ8YoWFOD0AKzgDlIOW2sPp0dFPF5g7pXdHAVADb3 KE1wzItDDhFkeQbwFG0GpktUXZ3YOnrJqDrQISthy0gt571RiBQmXV7qKmo= -----END CERTIFICATE-----Generated at Sun May 3 00:40:20 2026 by rpki-client